Security Data Processing Device

1. A security data processing device comprising a processor and a memory coupled to the processor, the processor configured to: receive a digital document, said digital document comprising at least one primary programming requirement specified by a first party for programming at least one programmable device; determine if receipt of said digital document is an attempt to fulfil the same digital document more than once by determining if there is a record stored in the memory that corresponds to the digital document; receive a programming request from a programming module of a programming machine in communication with said processor, said programming request requesting the programming of the at least one programmable device; determine if the programming request complies with the at least one primary programming requirement in the digital document; and wherein in response to said programming request complying with the at least one primary programming requirement in the digital document and there being no record stored in the memory that corresponds to the digital document, the processor is further configured to: output programming information to the programming module for programming the at least one programmable device; and permanently store a further record in the memory, wherein the further record corresponds to said digital document.

2. The security data processing device of claim 1 , wherein the digital document comprises one or more annex, wherein at least one of the one or more annex is specified by one of at least one further party and comprises at least one auxiliary programming requirement for programming the at least one programmable device.

3. The security data processing device of claim 1 , wherein the processor is configured to: generate a programming report providing an indication of programming undertaken by said programming machine; and output said programming report.

4. The security data processing device of claim 3 , wherein said processor is configured to output said programming report to one or more of: said programming module; said first party; and a database external to said security data processing device.

5. The security data processing device of claim 1 , wherein one or more of said at least one programming requirement specifies where said programming report is output.

6. The security data processing device of claim 1 , wherein at least one programming requirement specifies when a programming report is generated.

7. The security data processing device of claim 3 , wherein said processor is configured to digitally sign the programming report.

8. The security data processing device of claim 1 , wherein in response to said programming request failing to comply with the at least one primary programming requirement, the processor is configured to output an indication that the digital document has been rejected.

9. The security data processing device of claim 2 , wherein in response to said programming request failing to comply with the at least one auxiliary programming requirement or the at least one primary programming requirement, the processor is configured to output an indication that the digital document has been rejected.

10. The security data processing device of claim 1 , wherein in response to determining that there is a record stored in the memory that corresponds to the digital document, the processor is configured to transmit an indication that the digital document has been rejected to the first party.

11. The security data processing device of claim 3 , wherein said processor is configured to generate said programming report comprising one or more of: an indication of a number of programmable devices programmed by the programming machine since either: a previously generated programming report was generated; or a start time specified by a programming requirement; a programming report time indicating a time that said programming report is generated; and a reference to, or indication of, said digital document.

12. The security data processing device of claim 1 , wherein the processor is configured to: analyses each of the one or more annex independently; and determine if each of the one of more annex is in compliance with said programming request.

13. The security data processing device of claim 1 , wherein the digital document is digitally signed by the first party.

14. The security data processing device of claim 1 wherein one or more of the at least one programming requirement comprises at least one of: a threshold number of times a cryptographic key stored in the memory can be used in a cryptographic operation; a time period during which said programming machine is authorized to program said at least one programmable device; a feature of said at least one programmable device which must be configured to be disabled; and a number of programmable devices that the programming module is authorized to program.

15. The security data processing device of claim 1 , wherein said programming information comprises at least one of: cryptographic information stored in said memory; cryptographic information generated by said processor, optionally wherein said cryptographic information is generated in response to said processor receiving said programming request; cryptographic information retrieved from said digital document by said processor, preferably information retrieved from one or more of the at least one annex; and an instruction for said programming machine to obtain cryptographic information from a data store in communication with said programming machine.

16. The security data processing device of claim 1 , wherein said further record comprises at least one of: one or more characteristics of said digital document; and a reference to a programmable device that has been programmed by said programming machine.

17. The security data processing device of claim 1 , wherein at least one of said primary programming requirements comprises an indication of one or more security data processing devices that are allowed to output said programming information.

18. The security data processing device of claim 2 , wherein at least one of said auxiliary and primary programming requirements comprises an indication of one or more security data processing devices that are allowed to output said programming information.

19. A method comprising: receiving a digital document, said digital document comprising at least one primary programming requirement specified by the first party for programming at least one programmable device; determining when receipt of said digital document is an attempt to fulfil the same digital document more than once by determining when there is a record stored in the memory that corresponds to the digital document; receiving a programming request from a programming module of a programming machine in communication with said processor, said programming request requesting the programming of the at least one programmable device; determining when the programming request complies with the at least one primary programming requirement in the digital document; and wherein in response to said programming request complying with the at least one primary programming requirement in the digital document and there being no record stored in the memory that corresponds to the digital document, the method further comprises: outputting programming information to the programming module for programming the at least one programmable device; and permanently storing a further record in the memory, wherein the further record corresponds to said digital document.

20. A non-transitory computer-readable medium, the non-transitory computer-readable medium storing instructions that, when executed by a processor, cause the processor to: receive a digital document, said digital document comprising at least one primary programming requirement specified by the first party for programming at least one programmable device; determine if receipt of said digital document is an attempt to fulfil the same digital document more than once by determining if there is a record stored in the memory that corresponds to the digital document; receive a programming request from a programming module of a programming machine in communication with said processor, said programming request requesting the programming of the at least one programmable device; and determine if the programming request complies with the at least one primary programming requirement in the digital document; wherein in response to said programming request complying with the at least one primary programming requirement in the digital document and there being no record stored in the memory that corresponds to the digital document, the processor is further configured to: output programming information to the programming module for programming the at least one programmable device; and permanently store a further record in the memory, wherein the further record corresponds to said digital document.